Blogs

How to Add and Delete Users on Ubuntu 18.04 – DigitalOcean

Posted on by admin

Adding

and removing users on a Linux system is one of the most important system administration tasks you should become familiar with. When you create a new system, you are often only given access to the root account by default.

While running as root gives you complete control over a system and its users, it is also dangerous and possibly destructive. For common system administration tasks, it’s a better idea to add an unprivileged user and perform those tasks without root privileges. You can also create additional unprivileged accounts for any other users you may have on your system. Each user of a system must have their own separate account.

For tasks that require administrator privileges, there is a tool installed on Ubuntu systems called sudo. Briefly, sudo allows you to run a command as another user, including users with administrative privileges. In this guide, you will learn how to create user accounts, assign sudo privileges, and delete users.

Prerequisites To

complete this tutorial, you will need access to a server running Ubuntu 18.04. Make sure that you have root access to the server and firewall enabled. To set this up, follow our Initial Server Setup Guide for Ubuntu 18.04.

Add

a user If you are logged in as root, you can create a new user at any time by running the following: adduser newuser

If you are logged in as a non-root user who has been granted sudo privileges, you can add a new user with the following command:

  1. sudo adduser newuser Either

way, you will be asked to answer a series of questions:

  • Assign and confirm a password for

    • the new user.

  • Enter any additional information about the new user. This is optional and can be omitted by pressing ENTER if you do not want to use these fields.
  • Finally, you will be asked to confirm that the information you provided was correct. Press Y to continue.

Your new user

is now ready for use and you can log in with the password you entered

. If

you need the new user to have administrative privileges, continue to the next section

.

Granting Sudo

User Privileges If your new user must

have the ability to execute commands with root (administrative) privileges, you must grant the new user access to sudo. Let’s examine two approaches to this task: first, adding the user to a predefined sudo user group, and second, specifying per-user privileges in the sudo settings.

Add the new user to

the Sudo

group By default, sudo on

Ubuntu 18.04 systems is configured to extend full privileges to any user in the sudo group.

You can see which groups your

new user is in with the groups command: groups newuser Outputnewuser : newuser By default, a new user is only in their own group because

  1. adduser

creates it in addition to the user profile. A user and their own group share the same name. To add the user to a new group, you can use

the usermod command: usermod -aG sudo

  1. newuser

The -aG option tells usermod to add the user to the listed groups

.

Note that the usermod command itself requires sudo privileges. This means that you can only add users to the sudo group if you are logged in as root or as another user who has already been added as a member of the sudo group. In the latter case, you will have to precede

this command with sudo, as in this example: sudo

  1. usermod -aG sudo newuser

Specifying explicit user privileges in /etc/sudoers As an alternative to putting your user in the sudo group, you can use the visudo command, which opens a configuration file called /

etc/sudoers in

the system’s default editor. and explicitly specify per-user privileges.

Using visudo is the only recommended way to make changes to /etc/sudoers because it locks the file against multiple simultaneous edits and performs a validation check of its contents before overwriting the file. This helps avoid a situation where you misconfigure sudo and you can’t fix the problem because you’ve lost sudo privileges.

If you are currently logged in as root, run the following: visudo

If you are logged in as a non-root user with sudo privileges, run the same command with the prefix

sudo: sudo visudo Traditionally,

  1. visudo

opened /etc/

  1. sudoers

in the vi editor, which can be confusing for inexperienced users. By default on new Ubuntu installations, visudo will use the nano text editor, which provides a more convenient and accessible text editing experience. Use the arrow keys to move the cursor and locate the line that says

the following: root ALL=(ALL:ALL) ALL

Below this line, add the following highlighted line. Be sure to change newuser to the name of the user profile to which you want to grant privileges

sudo: root ALL=(ALL:ALL) ALL newuser ALL=(ALL:ALL) ALL

Add a new line like this for each user who should be granted full sudo privileges. When you’re done, save and close the file by pressing CTRL+X, followed by Y, and then ENTER to confirm.

Testing your

user’s

sudo privileges The new user can now run commands with administrative privileges. When you log in as the

new user, you can run commands like your normal user by typing commands as usual

: some_command

You can run the same command with administrative privileges by typing sudo in front of the command:

  1. sudo some_command

When you do this, you will be asked to enter the password of the normal user account with which you have logged in.

Deleting

a user

In the event that you no longer need a user, it is better to delete the old account.

You can delete the user himself, without deleting any of his files, by running the following command as root: deluser newuser If you are logged in as

another non-root user with sudo privileges, you must use the following: sudo

  1. deluser newuser

Yes, instead, you

want to delete the user’s home directory When the user is deleted, you can issue the following command as root: deluser -remove-home newuser If you are running this as a non-root user with sudo privileges, you

would run the same command with the sudo prefix:

  1. sudo deluser -remove-home
  1. newuser

If you previously set sudo privileges for the user you deleted, you may want to delete the relevant line again

: visudo

Or use the following command if you are

a non-root user with sudo privileges: sudo

  1. visudo

root ALL=(ALL:ALL) ALL newuser ALL=(ALL:ALL) ALL # DELETE THIS LINE This

will prevent a new user created with the same name from accidentally receiving sudo privileges.

Conclusion

You should now have a good handle on how to add and remove users from your Ubuntu 18.04 system. Effective user management will allow you to separate users and give them only the access that is required of them to do their jobs.

For more information on how to set up sudo, see our guide on how to edit the sudoers file.

admin